Running Puppet in Client/Server Mode
In my last post, I introduced how to run a very simple HelloWorld script with Puppet 3.1.0 on CentOS 6.3. Although it shows how Puppet works, it’s not really how Puppet is used in real world. To get the most out of Puppet, you want to run the client/server mode where you have a master and many agents.
Part 1: Install Puppet server
To install a master, you will use the same repositories as installing the Puppet agent. The command for installing the server is slightly different. Here are the commands:
# rpm -Uvh https://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-6.noarch.rpm # rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm # yum -y install puppet-server
Part 2: Open up firewall
Puppet uses TCP port 8140, which is turned off by default on CentOS 6.3. To turn it on, you can click System – Administration – Firewall to open the Firewall Configuration. On the left side list, click the “Other Port,” and then click “Add” button on the right side pane. In the dialog box, click on the “User Defined” checkbox and enter “8140” in port field and pick “tcp” from protocol list. Don’t forget to click on the “Apply” button on toolbar afterwards.
Part 3: Set up host name
For Puppet client/server to work, you have to have all of them assigned DNS names. If you don’t have DNS configured, you can add a few lines to the /etc/hosts (# vim /etc/hosts) file as follows (last two lines):
127.0.0.1 localhost.localdomain localhost 192.168.0.100 puppetmaster.doublecloud.org puppetmaster puppet 192.168.0.101 puppetclient.doublecloud.org puppetclient
You will need to add the two or more lines to the both the server and clients. When you have multiple clients, you want to either set up DNS server, or add one line for each client involved.
If you want to change your machine name, you can simply run the following command:
# hostname puppetmaster
Part 4: Certificate management
According to several sites I read, the server got to sign the certificate to make sure the communication between Puppet agent and master is secure. In my case, I didn’t get the chance to sign the certificate request from agent.
To run the Puppet server, run one of the following commands on the server side. The first command shows extra information than normal commands as shown the second. Don’t run both of them.
# puppet master --no-daemonize –verbose # puppet master --mkusers
To introduce an agent to the server, run the following command on the agent side:
# puppet agent --server puppetmaster -waitforcert 60
Supposedly, the request can be listed at the server side and then signed as follows:
# puppet cert --list # puppet cert sign puppetclient.doublecloud.org
Part 5: Add site.pp
On the puppet server, add the following code
# vim /etc/puppet/manifests/site.pp
node default {
file { “/tmp/hello” :
content => “hello doublecloud.org!”
}
}
You can actually add modules and so on, but to keep it simple I just use this very simple site.pp to illustrate the idea.
Part 6: Apply Configuration
After the site.pp is saved on the master side, it’s time to apply it on the agent side:
# puppet agent --server puppetmaster.doublecloud.org --test
This does not change anything because the test switch says it’s just a dry run. To materialize the change, you want to remove the test switch:
# puppet agent --server puppetmaster.doublecloud.org
To verify the change, you can use the following command on Puppet agent machine.
# cat /tmp/hello
Tricks and Tips
When I tried the Puppet master, I got the following error “Error: could not run: Could not create PID file: /var/run/puppet/master.pid.” The error was caused by the fact that an instance of master is running or not cleanly shutdown. The solution is to kill it as follows:
# ps –ax | grep puppet # kill -9 20724
Your process ID is most likely different from listed above. You need to dig it out from the first command.
Now, time to try it by yourself. Have fun!
I will further discuss how to use Puppet in virtualized environment like vSphere, and vCloud Director. Stay tuned.
Running Puppet in Client/Server Mode (DoubleCloud) http://t.co/5JfFZgL672